Security

Reply
Frequent Contributor I
Posts: 271
Registered: ‎09-24-2010

Allow only corporate devices

Is there a way to only allow corporate smart devices to connect to our wireless network?  Our MDM provider is Airwatch and we have it setup in Clearpass where only Airwatch provisioned smart devices are allowed to connect to the wireless.  However, we are moving away from Airwatch and possibly going to Intune.  There is no integration with Intune just yet.  Is there another way we can only allow the corporate owned devices to connect?  we also use Onboarding which is tied to a backend AD group but that wont block personal devices from connecting.. ideas?

Guru Elite
Posts: 8,759
Registered: ‎09-08-2010

Re: Allow only corporate devices

As long as you have some type of information in ClearPass or an externally accesible source that has ownership information, you can use it to make a decision.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 271
Registered: ‎09-24-2010

Re: Allow only corporate devices

so we need to find something unique on all the corporate devices?

Guru Elite
Posts: 8,759
Registered: ‎09-08-2010

Re: Allow only corporate devices

You need to either maintain a MAC list, an SQL database, add attributes to the endpoints or some other authoritative source of information.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 271
Registered: ‎09-24-2010

Re: Allow only corporate devices

so we could add all the corp devices MAC addresses to Clearpass and would have to add it to that list when we enroll new devices? and only that list would be able to connect?

MVP
Posts: 226
Registered: ‎03-03-2011

Re: Allow only corporate devices

InTune integration can be done with an SQL query. See the attached doc.

David
ACDX #98 | ACMP | ACCP
Search Airheads
Showing results for 
Search instead for 
Did you mean: